Linked Mode also provides a single login for multiple vCenter Servers and then shows you a common inventory view and allows you to search for objects across vCenters. Licenses, roles and permissions are replicated between vCenter instances.

Linked mode has always been only available for Windows vCenters (ADAM is used as the replication engine) so you couldn’t share licenses, roles and permissions with any vCenter appliances you had.

With the release of the new Platform Services Controller in vSphere 6.0, some of the Linked Mode functionality is changing and its been given a new same.

vSphere will also now include an Enhanced Linked Mode which will require and work in conjunction with the Platform Services Controller.

This will not rely on ADAM but have its own replication system which is a multi-master replication technology also called VMDir based on Open LDAP which means replication now works across Windows vCenter as well as vCenter appliances.

Replication will be expanded to include Policies and Tags along with Roles and Permissions. In fact the replication engine will allow VMware to sync any kind of information between Platform Services Controllers which can then be used by vCenters and other management products. Bye bye ADAM, you won’t be missed.

vSphere networking hasn’t had any huge additions in this release. This is partly to be expected as VMware’s networking messaging is mainly revolved around NSX for now.

Network I/O Control (NIOC) has however had a very useful addition, you can now have Per VM and Distributed Switch bandwidth reservations. You can therefore guarantee compute as well as network resources for your critical VMs.

IPv6 has also been beefed up but this is mainly for new greenfield deployments. It’s not easy to transition from IPv4 to IPv6 so I think VMware sees IPv6 for only new deployments. You will be able to manage ESXi purely with IPv6 and iSCSI and NFS will also be supported. In the future, VMware is looking to move to IPv6 only for vSphere management but that’s a few years out, dual stack IPv4 and IPv6 will be around for a while.

VMware is at last tackling the nightmware of managing vSphere certificates in a more holistic way. Things were relatively simple until VMware started splitting up the compoments of vSphere into multiple components each requiring their own certificate with very particular settings. VMware had released the SSL Certificate Automation Tool which at least attempted to make the installation of the certificates a little easier but it took the perseverance and excellent scripting of Derek Seaman with his certificate series to make the actual process usable.
Customer feedback regarding certificate management has repeatedly highlighted the convoluted process so VMware has finally come up with a solution they believe reduces the operational overhead of managing certificates.

VMware is included two components into the new Platform Services Controller:
The VMware Certificate Authority (VMCA). This is not just a certificate management tool but actually a full blown Certificate Authority in itself. It can provision each ESXi host and each vCenter Server and its associated services with certificates that it signs.
The VMware Endpoint Certificate Service (VECS). This is a service that will store all certificates and private keys for vCenter Server and its associated services.

This means you will no longer have to manually update each separate vCenter component, you can just store all the certs in the VECS and get vCenter to use them.
ESXi host certificates will still be stored locally on each host but can be provisioned from the VMCA.
You don’t have to use the VMCA as a certificate authority or have it in your certificate chain and can choose to use your Enterprise CA or roll your own but you will need to use the VECS to store certs and keys for vCenter.

VMware is also simplifying the number of certificates it requires for vCenter internally. vCenter 5.5 needed separate certificates for at least the following:

With vSphere 6.0 there are more components but these components are now being grouped together into what’s being called Solution Users (SU). SUs now hold the certificate for the group rather than each component.

This is what it looks like in the PSC

All the certificate management will be done from a CLI. If you upgrade vCenter or hosts from ESXi 5.x, they will keep their existing certificates.

There are also a number of deployment options:

VMCA Root CA

This is where the VMCA acts as your entire certificate authority and is therefore the simplest deployment. This is the default installation. You will need to trust the VMCA in your browsers to avoid pesky certificate warnings.

Subordinate VMCA

After installation you can make the VMCA a subordinate CA to your Enterprise CA. The VMCA will then mint your certificates which makes the process simpler and itself would be trusted by your enterprise CA.

External CA

After installation, all certificates are replaced from yout Enterprise CA. VMCA will still manage the certificates but it allows you to use your existing Enterprise PKI solution.

Hybrid (VMCA & External)

You can use a hybrid model where the VMCA is created during installation and your vCenter certificates are replaced. YOu can then choose which certificates to replace from your external CA and which to have the VMCA generater. You could for example have all externally facing certificates generated from your Enterprise CA and all the internal hidden from view VMware vCenter service certificates generated by the VMCA.

At last VMware is making certificate management a little easier, to be honest it should have been there when they decided you needed a million very particular certificates for vCenter but I suppose with a rather large development organisation working on different components, common certificates wasn’t high on the priority list, I’m glad it is now.

NFS has been available as a storage protocol since 2006 with ESX 3.0 and vSphere has been using NFS version 3 for all this time. There’s been no update to how NFS works.

I’ve been a massive fan of NFS since it was released. No LUNs, much bigger datastores and far simpler management. Being able to move around, back up and restore VM disk files natively from the storage array is extremely powerful. NFS datastores are by default thin-provisioned which allows you your VM admin and storage admin to agree on actual storage space utilisation.

However, good old NFSv3 has a number of limitations, there is no multi-pathing support, limited security and performance is limited by the single server head.

vSphere 6.0 introduces NFS version v4.1 to solve many of these limitations.

NFS 4.1 introduces multi-pathing by supporting session trunking using multiple remote IPs to a single session. Not all vendors will support this so best to check. You can now have increased performance from load-balanced and parallel access, with it comes better availability from path failover.

There is improved security using Kerberos authentication. You need to add your ESXi hosts to AD and specify a Kerberos user before creating any NFSv4.1 datastores with Kerberos enabled . You then use this Kerberos username and password to authenticate against the NFS mount. All files stored in all Kerberos enabled datastore will be accessed using this single user’s credentials. You should always use the same user on all hosts otherwise vMotion and other features might fail if two hosts use different Kerberos users. NTP is also a requirement as usual when using Kerberos. This configuration can be automated with Host Profiles.

NFSv4.1 now allows you to use a non-root user to access files. RPC header authentication has also been added to boost security, it only supports DES-CBC-MD5 which is universal rather than the stronger AES-HMAC which is not supported by all vendors. Locking has been improved with in-band mandatory locks using share reservations as a locking mechanism. There is also better error recovery.

There are some caveats however with using NFS v4.1. NFSv4.1 is not compatible with SDRS, SIOC, SRM and VVols but you can continue to use NFSv3 datastores for these.

NFSv3 locking is not compatible with NFSv4.1. You must not mount an NFS share as NFSv3 on one ESXi host and mount the same share as NFSv4.1 on another host, best to configure your array to use one NFS protocol, either NFS v3 or v4.1, but not both.

The protocol has also been made more efficient by being less chatty by compounding operations, removing the file lock heartbeat and session lease.

All paths down handling is now different with multi-pathing support. The clock skew issue that caused an all path down issue in vSphere 5.1 and 5.5 has been fixed in vSphere 6.0 for both NFSv3 and NFSv4.1. With multi-pathing, IO can failover to other paths if one path goes down, there is no longer any single point of failure.

Very happy to see NFSv4.1 see the light of day with vSphere for at least the multi-pathing as this caused many people to go down the block protocol route with the added complexity of LUNs, however, its a pity NFSv4.1 is not supported with VVols. I’m sure VMware must be working on this.

Finally, the time has come for VMware to publicly announce its latest update to version 6.0 of its ever growing virtualisation platform, vSphere.

It’s been a rather strange and somewhat convoluted journey to get to the actual announcement.

For the first time ever for VMware (kudos!), there was a very large public Beta (more than 10,000 people) but participants had to sign an NDA to join which meant they couldn’t talk about it. VMware itself then outed many of the features during keynotes and sessions at VMworld San Francisco 2014 (to the consternation and surprise of some product managers!) but still had to call the beta a Tech Preview. Pat Gelsinger himself called out the name during his keynote despite everyone else at VMware trying to keep quiet on the official name. All this left many people unsure what they could and couldn’t talk about. The apparent legal reason for not being able to officially announce vSphere 6.0 is all to do with financials. VMware didn’t want to announce a future product in 2014 as they would then be obliged to account for future earnings. So, the whole song and dance is nothing to do with technology and all to do with financial reporting, isn’t life fun!

Personally, I don’t think this was handled in the best way, fantastic to have a public beta but no point trying to strictly control the messaging with an NDA with so many people involved. Even Microsoft and Apple have more open public betas nowadays.

As of today, that’s now officially water under the bridge (although I hope they learn some things for next time). The covers have finally been lifted and VMware has officially announced vSphere 6.0

VMware says there are three focus areas for this vSphere release:

Continue to be the best and most widely used virtualisation platform

Be able to virtualise all x86 workloads. Run all today’s traditional datacenter apps however big they are such as Oracle, SAP, Microsoft Dynamics and Java and build on that foundation to run the next generation of cloud applications as part of a Software Defined Datacenter such as NodeJS, Rails, Spring, Pivotal and Hadoop

Although numbered 6.0 I would say as with vSphere 5.5, this is another evolutionary rather than revolutionary update and other than VMware’s recent cadence of a major update every two years could have been part of the vSphere 5 family. VSAN and NSX were the major new product announcements at VMworld 2013 and VMware decided to leave the big announcement infrastructure wise for VMworld 2014 to EVO:RAIL and its vCloud Air and vRealize rebranding.

As for vSphere 6.0, VMware has called this release the foundation for the Software Defined Datacenter.

The major new highlight as everyone knows is Virtual Volumes (VVols) which VMware has been talking about publicly since VMworld 2011 (I called vVols VMware’s revolutionary approach to storage) and is a very significant update. VVols completely change the way storage is presented, managed and consumed and certainly for the better. Most storage vendors are on board as their software needs to be able to support VVols and they’ve been champing at the bit for VVols to be released. Talk was it was technically ready for vSphere 5.5 but VMware decided to keep it back, perhaps to let VSAN have its year in the sun and to give vSphere 6.0 something big.

VVols may be the headliner but there’s plenty else VMware has been working on:

As a regular London VMUG attendee and sometime presenter I am more than aware of the value of having community presentations. Sure, the VMware and vendor presentations are very useful but its the in the field, real-world, warts and all, non-marketing,nothing to sell, tell it like it is presentations that are often the most interesting.

In fact casting my mind back over many years of VMUGs, there are some outstanding vendor presentations I remember but to be honest most of the memorable ones have been from community members sharing their stories.

This is where you are misguided my dear VMUG friend. Sharing your stories, of that botched migration, bug in a PowerShell script, faulty unreliable firmware, vendor promises that aren’t kept as well as the awesome little trick you found, hardware hack you performed, cable splicing, .vib hacking, batch file busting success story is what we really really want to hear because if you don’t let us know, there’s no one else who will.

A full presentation of 45-50 minutes is daunting, I know, I’ve done a few and it is a lot of preparation work but how about 10 minutes?

You probably spent way more time than 10 minutes explaining your project to your colleagues/wife/kids so why not do it at a VMUG?

You don’t need to be an expert, guru or superman, just have a story to share and a little bit of help to give.

You may be nervous standing up in front of a crowd, well do it sitting down Seriously, you will not be judged or have tomotoes thrown at you and will be supported and encouraged through whatever nervousness you may have.

If I’ve managed to encourage you to get over your apprehension, the London VMUG has put its hands in its pocket and is enticing you with some pretty amazing prizes if you take part in vFactor which is a competition for 5 x 1st time VMUG presenters who are end users and can doll out 10 minutes of their wisdom on a virtual cloudy related topic on 22nd January at the next VMUG meeting.

I have had the pleasure today of presenting at the 4th annual UK VMware User Group conference at the National Motorcycle Museum in Solihull near Birmingham.

I did a whirlwind tour of everything that was announced at VMworld and believe me, there was a huge amount. OK, so no major release which is the norm (but plenty of teasers) but enough other things going on in the VMware space to fill more than a UKVMUG! I know, I’ve done the research! Even though I was at VMworld US, so much was going on that I didn’t appreciate all the new shiny things being announced and once you start getting down to the nitty gritty of everything, you will be amazed at how much is going on.

I really didn’t have time to go through everything in detail so the presentation acts as an independently curated jumping off point for you to find out more information about the announcements that matter to you. You may not care particularly about hyper-converged or OpenStack so you can flick through the slides and then head off to continue your explorations.

Nutanix has initiated a rather big, bold and generous program to donate to a non-profit organisation $500,000 in data center infrastructure.

The program is called Web-scale Wish and the community will get to choose the non-profit who wins the Grand Prize makeover which is made up of:

three Nutanix NX-3050 nodes

three Ultimate Software Licenses

three years of Nutanix Platinum Plus support

two-day on-site installation service by Nutanix

Anyone can nominate an organisation they feel would benefit and nominations are open until Friday November 21st. There are so many non-profit organisations doing such amazing work but often the benefits of a modern IT infrastructure are just a dream and certainly way out of reach financially for organisations committing their finances to helping others.

There are some requirements to be met from the non-profit to be considered:

Be a non-profit, non-partisan organisation based in the United States, Canada, Australia, New Zealand or the United Kingdom

Have a currently working data center that could benefit from web-scale converged infrastructure

The final three organisations we select will then be featured in a virtual event on Wednesday, December 10 where the entire community will have the opportunity to vote to determine the Grand Prize recipient.

This is a fantastic initiative where you can help Nutanix make a real IT difference to a non-profit you care about that needs an IT makeover and I am very proud they’ve asked me to help with the judging.

This isn’t just your run of the mill, normal VMUG (if there is such a thing!) and has been seriously enhanced over the already phenomenal 2013 version. What takes it to another level is the content that you can’t even get at VMworld…and remember, it’s free!

The opening keynote is by VMware EMEA CTO, Joe Baguley who always delivers and as his talk is titled “CTO Rant-as-a-Service”, you can expect an inside look into what Joe sees out in the world and what gets under his skin! Of course he will be punting the VMware SDDC vision but as he talks to people day in and day out, he has a very good idea how the real world of IT works with invaluable insight into how your own company and its competitors actually do IT.

In addition, never before seen at a VMUG as far as I know, is a round table discussion with Joe called “Ask the CTO Anything”. Seriously can you imagine having direct access to one of VMware’s most senior strategists and being able to ask him anything. Joe isn’t just your strategy marketer with a good stage presence, he’s seriously technical himself so make sure you take advantage of the opportunity.

Was excellent to have the final Run VMworld this morning although it didn’t feel like it until we started. Thanks to everyone who joined over the week, it was great to meet everyone and chat.

General Session

Today’s General Session isn’t the usual VMware announcement session but named People + Machines: Redefining The Possible featuring three innovators exploring new ways of connecting people and machines.

Sean Gourley who is a physicist and Collective Intelligence Researcher and another TED Fellow and Rhodes Scholar. Sean’s work is a collaboration between people and machines, as a way to understanding very complex information. http://seangourley.com/